National Cyber Security Centre to fight hackers with DNS filtering

GCHQ's new cyber centre wants to be more "active" in the fight against hackers

Britain's cyber security is set to get more "active" - and may include GCHQ sharing its DNS-level attacker blocking system with private companies. 

The new National Cyber Security Centre (NCSC) is set to open in October, and will be the UK's central body for fighting cybercrime. 

And one tactic on the cards is automating defences against low-level, but high-volume, attacks, said the NCSC's head, Ciaran Martin. 

Advertisement - Article continues below

Martin told the BBC that about 200 "national-security-level" attacks are spotted each month, but they're not always particularly sophisticated - the TalkTalk attack, for example, used well-known techniques. The government's initial plans for a central cyber fighting organisation believed the private market could handle lower end threats, but that doesn't appear to be the case, so the NCSC will be hoping to target them with help from automation. 

"Far too many of these basic attacks are getting through," Martin told the BBC. "And they are doing a lot of damage."

To fight back, the NCSC is turning to "active cyber-defence". That doesn't mean actively pursuing and arresting hackers, but taking proactive measures to limit the damage of existing cyber criminals. 

For example, Martin said the government has stopped its own email from being spoofed. "We trialled it, and whoever was sending 58,000 malicious emails per day from taxrefund@gov.uk... isn't doing it anymore," Martin said.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

It's also turning to DNS filtering, in which malware or attacks seen by GCHQ are blocked at the network level, stopping the routes known criminals use to target Brits.

NCSC has evolved out of GCHQ, but the intelligence agency is apparently keen to share its DNS filtering with the public and private businesses, including ISPs. Reports suggest the filters would be opt out, so you could turn off the GCHQ filter if your ISP does sign up for the program - which may help calm concerns from digital rights campaigners that this is a Chinese-style "great firewall", but then again it hasn't yet been made clear who or how sites will be listed for blocking. 

Advertisement

Recommended

Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020
Visit/security/internet-security/355228/mozilla-fixes-two-firefox-zero-days-being-actively-exploited
internet security

Mozilla fixes two Firefox zero-days being actively exploited

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020